Sunday, December 3, 2023

Web Hosting Company Domainfactory Hacked – Customers Sensitive Personal Data Leaked

Web hosting company Domainfactory owned support forum has been compromised and hackers leaked personal sensitive data by breaking the customer database.

A stranger who have shared internal data of several customers as a proof and confirmed the data belonged to Domainfactory.

Domainfactory is a German hosting company which is owned by GoDaddy since 2016 and this breach Officially confirmed On 6 July.

The organization initially learned of the episode on 3 July. As indicated by the data that is right now accessible, the information arrived in the hands of outer outsiders on 29 January 2018 through an information feed after a system transaction.

According to the company, On July 3, 2018, a person in the DomainFactory forum claimed access to DomainFactory customer data. We initiated a detailed investigation and found that customer data was accessed by an outside party without authorization. The access route is now secured. We contact all customers with the recommendation to update their DomainFactory passwords.

Domainfactory finally confirmed that, leaked customer data including the following sensitive data.

– Customer name 
– Company name 
– Customer number 
– Address 
– E-mail addresses – Phone 
– DomainFactory Phone password 
– Date of birth
– Bank name and account number (eg IBAN or BIC) 
– Schufa score Please 

Journalist Fabian Scherschel also posted on Twitter, that he was also watching a Twitter thread “in which Lauter #Domainfactory customers ask a hacker about their data because DF does not respond to their requests” (all before Domainfactory’s disclosure).

In our vital Customer Information discharge dated July 7, 2018, we have demonstrated that we as of now removal of all passwords as a prudent measure. As an outcome, we have gotten more request about which gets to ought to be changed precisely. Instructions for changing your passwords can be found here:

– customer password 
– phone password 
– E-mail passwords 
– FTP / Live disk passwords 
– SSH passwords 
– MySQL database passwords 

Also company Said, We have notified the data protection authority and commissioned external experts with the investigation. The protection of the data of our customers is paramount and we regret the inconvenience this incident causes, very much.”

Also Read

How Much a Data Breach Could Cost for Enterprises and what are the Risks Involved

Key Elements and Important Steps to General Data Protection Regulation (GDPR)

Simple & Important Ways to Protect your Business from Cyber Attacks

How To Respond Cyber Incident In your Organization


Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles